<?php
/**
  * LoginController.php
  *
  * This is not a freeware, use is subject to license terms
  * @author CLOUD DEV TEAM
  * 
  */
if (!defined('IN_CLOUD')) exit('Access Denied!');

class LoginController extends Controller
{
	public function __construct()
	{
		$this->lang = self::getLang( array( 'Common' , 'Login' ) );
		parent::__construct();
		
		if ( !in_array( PARAM_A , array( 'logout' ) ) && Session::get( 'userId' ) && Session::get( 'userName' ) )
		{
			Url::showMsg( '您已登录，不能完成此操作' );
		}
	}
	
	/**
	 * 登录
	 */
	public function run()
	{
		if ( $this->post['dosubmit'] )
		{
			$userName = trim( $this->post['username'] );
			if ( empty( $userName ) )
			{
				Url::showMsg( '对不起，用户名不能为空' );
			}
			if ( !User::validateUserName( $userName ) )
			{
				Url::showMsg( '对不起，用户名无效' );
			}
			$password = trim( $this->post['password'] );
			if ( strlen( $password ) < 6 )
			{
				Url::showMsg( '对不起，密码不能少于6位' );
			}
			if ( !Captcha::checkCaptcha( $this->post['code'] ) )
			{
				Url::showMsg( '对不起，验证码不正确' );
			}
			$userModel = User::getInstance();
			if ( $userInfo = $userModel->login( $userName , $password ) )
			{
				Session::set( 'userId' , $userInfo['user_id'] );
				Session::set( 'userName' , $userName );
				Session::set( 'avatar' , $userInfo['avatar'] );
				Url::showMsg( '您已成功登录，现在转向用户中心' , '?c=user' );
			}
			else
			{
				Url::showMsg( '用户名或者密码不正确' );
			}
		}
		//$this->viewModel->tplAssign();
		//$this->viewModel->display( 'login.htm' );
		Url::redirectUrl( SITEURL );
	}
	
	/**
	 * 首页ajax登录
	 */
	public function ajaxLogin()
	{
		$userName = trim( $this->post['username'] );
		if ( empty( $userName ) )
		{
			exit( '1|用户名不能为空' );
		}
		//用户名无效
		if ( !User::validateUserName( $userName ) )
		{
			exit( '2|用户名无效' );
		}
		$password = trim( $this->post['password'] );
		if ( strlen( $password ) < 6 )
		{
			exit( '3|密码不能小于6位' );
		}
		
		$userModel = User::getInstance();
		if ( $userInfo = $userModel->login( $userName , $password ) )
		{
			Session::set( 'userId' , $userInfo['uid'] );
			Session::set( 'userName' , $userName );
			Session::set( 'nickName' , $userInfo['nickname'] );
			$html = '<ul>';
			$html .= '<li>
				欢迎您，' . ( $userInfo['nickname'] ? $userInfo['nickname'] : $userName ) . '
			</li>
			<li>
				<a href="' . SITEURL . '/?c=user&a=profile">基本信息</a>
			</li>
			<li>
				<a href="">图片浏览</a>
			</li>
			<li>
				<a href="' . SITEURL . '/?c=picture&a=addPicture">图片上传</a>
			</li>
			<li>
				<a href="' . SITEURL . '/?c=user&a=modifyPassword">密码修改</a>
			</li>
			<li>
				<a href="' . SITEURL . '/?c=user&a=logout">退出</a>
			</li>';
			$html .= '</ul>';
			exit( '0|' . $html );
		}
		else
		{
			exit( '4|用户名或者密码不正确' );
		}
	}
	
	/**
	 * 注册
	 */
	public function reg()
	{	
		if ( $this->post['dosubmit'] )
		{
			//用户名
			$userName = trim( $this->post['username'] );
			if ( empty( $userName ) )
			{
				Url::showMsg( '对不起，用户名不能为空' );
			}
			if ( !User::validateUserName( $userName ) )
			{
				Url::showMsg( '对不起，用户名无效' );
			}
			//密码
			$password = trim( $this->post['password'] );
			$confirmPassword = trim( $this->post['confirm_password'] );
			if ( strlen( $password ) < 6 || strlen( $confirmPassword ) < 6 )
			{
				Url::showMsg( '对不起，密码不能少于6位' );
			}
			elseif ( $password !== $confirmPassword )
			{
				Url::showMsg( '对不起，两次输入密码不一致' );
			}
			//邮件
			$email = trim( $this->post['email'] );
			if ( empty( $email ) )
			{
				Url::showMsg( '对不起，邮箱不能为空！' );
			}
			elseif ( !User::validateEmail( $email ) )
			{
				Url::showMsg( '对不起，邮箱无效！' );
			}
			
			//校验验证码
			if ( !Captcha::checkCaptcha( $this->post['code'] ) )
			{
				Url::showMsg( '对不起，验证码不正确' );
			}
			
			$userModel = User::getInstance();
			
			$user = $userModel->getOne( array( 'username' => $userName ) );
			if ( $user )
			{
				Url::showMsg( '对不起，此用户名已存在，请重新注册！' );
			}
			
			if ( $userInfo = $userModel->reg( $userName , $password , $email ) )
			{
				Session::set( 'userId' , $userInfo['uid'] );
				Session::set( 'userName' , $userName );
				Session::set( 'nickName' , $userInfo['nickname'] );
				Url::showMsg( '恭喜您注册成功，现在进入用户中心' , '?c=user&a=profile' );
			}
			else
			{
				Url::showMsg( '很遗憾，注册失败！' );
			}
		}
		$this->viewModel->tplAssign();
		$this->viewModel->display( 'reg.htm' );
	}
	
	/**
	 * 找回密码
	 */
	public function forgetPwd()
	{
		if ( $this->post['dosubmit'] )
		{
			$userName = trim( $this->post['username'] );
			
			if ( empty( $userName ) )
			{
				Url::showMsg( '用户名不能为空' );
			}
			
			if ( !User::validateUserName( $userName ) )
			{
				Url::showMsg( '对不起，用户名格式不正确' );
			}
			
			if ( !Captcha::checkCaptcha( $this->post['code'] ) )
			{
				Url::showMsg( '对不起，验证码不正确' );
			}
			
			$userModel = User::getInstance();
			$userInfo = $userModel->getOne( array( 'username' => $userName ) );
			
			if ( $userInfo )
			{
				$forgetPwdModel = ForgetPwd::getInstance();
				$forgetPwdInfo = $forgetPwdModel->getOne( array( 'uid' => $userInfo['uid'] , 'flag' => 0  ) );
				if ( $forgetPwdInfo )
				{
					//Url::showMsg( '您已经发送过找回密码请求了，请去邮箱查看邮件！' );
					$forgetPwdModel->update( array( 'flag' => 1 ) , array( 'uid' => $this->userInfo['uid'] ) );
				}
			
				if ( empty( $userInfo['email'] ) )
				{
					Url::showMsg( '对不起，此用户注册时没有填写邮箱地址，请联系管理员！' );
				}
				else
				{
					$rand = Common::getRandNum( 8 );
					$rand = md5( md5( $rand ) );
					$subject = '找回密码邮件';
                	$message = "
你好，$userInfo[username]，
这封信是由 " . SITENAME . " 发送的。

您收到这封邮件，是因为在我们的网站上这个邮箱地址被登记为用户邮箱，
且该用户请求使用 Email 密码重置功能所致。

----------------------------------------------------------------------
重要！
----------------------------------------------------------------------

如果您没有提交密码重置的请求或不是我们网站的注册用户，请立即忽略
并删除这封邮件。只在您确认需要重置密码的情况下，才继续阅读下面的
内容。

----------------------------------------------------------------------
密码重置说明
----------------------------------------------------------------------

您只需在提交请求后的三天之内，通过点击下面的链接重置您的密码：

" . SITEURL . "/?c=login&a=setForgetPwd&user_id={$userInfo[uid]}&rand={$rand}

(如果上面不是链接形式，请将地址手工粘贴到浏览器地址栏再访问)

上面的页面打开后，输入新的密码后提交，之后您即可使用新的密码登录
网站了。您可以在用户控制面板中随时修改您的密码。



此致

" . SITENAME . " 管理团队.
" . SITEURL;

					
					$forgetPwdData = array(
						'uid' => $userInfo['uid'],
						'rand_md' => $rand,
						'email' => $userInfo['email'],
						'createdate' => date( "Y-m-d H:i:s" , SYSTIME ),
						'flag' => 0,
					);
					if ( !$forgetPwdModel->insert( $forgetPwdData ) )
					{
						Url::showMsg( '很抱歉，添加找回密码记录时出错了！' );
					}
					
					$mail = new Mail();
					if ( $mail->send_mail( $userInfo['email'] , '' , $subject , $message ) )
					{
						Url::showMsg( '恭喜您，邮件已经发送到您注册邮箱了，请及时查收并修改密码！' , SITEURL );
					}
					else
					{
						Url::showMsg( '很抱歉，发送找回密码邮件失败' );
					}
				}
			}
			else
			{
				Url::showMsg( '对不起，该用户名不存在' );
			}
		}
		
		$this->viewModel->tplAssign();
		$this->viewModel->display( 'forget_pwd.htm' );
	}
	
	/**
	 * 重新设置密码
	 */
	public function setForgetPwd()
	{
		$userId = ( int )$this->post['user_id'];
		$rand = trim( $this->post['rand'] );
		
		if ( $userId < 1 && strlen( $rand ) < 8 )
		{
			Url::showMsg( '对不起，参数错误！' , SITEURL );
		}
		
		$userModel = User::getInstance();
		$userInfo = $userModel->getOne( array( 'uid' => $userId ) );
		if ( !$userInfo )
		{
			Url::showMsg( '对不起，此用户不存在！' , SITEURL );
		}
		
		$forgetPwdModel = ForgetPwd::getInstance();
		$forgetPwdInfo = $forgetPwdModel->getOne( array( 'uid' => $userInfo['uid'] , 'flag' => 0 ) );
		
		if ( $forgetPwdInfo )
		{
			if ( $forgetPwdInfo['rand_md'] != $rand || $_SERVER['REQUEST_TIME'] - 3 * 86400 > strtotime( $forgetPwdInfo['createdate'] ) )
			{
				Url::showMsg( '对不起，此链接已过期' , SITEURL );
			}
			
			if ( $this->post['dosubmit'] )
			{
				$newpassword = trim( $this->post['newpassword'] );
				$confirm_newpassword = trim( $this->post['confirm_newpassword'] );
				
				if ( empty( $newpassword ) || empty( $confirm_newpassword ) )
				{
					Url::showMsg( '密码不能为空！' );
				}
				
				if ( strlen( $newpassword ) < 6 || strlen( $confirm_newpassword ) < 6 )
				{
					Url::showMsg( '密码不能少于6位！' );
				}
				
				if ( $newpassword != $confirm_newpassword )
				{
					Url::showMsg( '两次输入密码不一致！' );
				}
				
				if ( $userModel->update( array( 'password_md' => md5( $newpassword ) ) , array( 'uid' => $userInfo['uid'] ) ) 
					&& $forgetPwdModel->update( array( 'flag' => 1 ) , array( 'uid' => $userId , 'rand_md' => $rand ) ) )
				{
					Url::showMsg( '恭喜您，设置密码成功！' , SITEURL );
				}
				else
				{
					Url::showMsg( '很遗憾，设置密码失败了，请重试！' );
				}
			}
			
		}
		else
		{
			Url::showMsg( '很遗憾，您还没有使用密码找回功能！' , SITEURL );
		}
		
		$this->viewModel->tplAssign();
		$this->viewModel->display( 'set_forget_pwd.htm' );
	}
	
	/**
	 * 注册协议
	 */
	public function registerProtocol()
	{
		$this->viewModel->tplAssign();
		$this->viewModel->display( 'protocol.htm' );
	}
	
}